Vulnerability of the Microsoft Graphics component in the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Microsoft Graphics component in the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted file...

The vulnerability of the Win32k component of the Windows operating system allows a hacker to increase their privileges and execute arbitrary code in kernel mode.

The vulnerability of the Win32k component of the Windows operating system is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code in kernel mode through a specially created application...

The vulnerability of the DirectX component in the Windows operating system allows attackers to elevate their privileges and execute arbitrary code in kernel mode.

The vulnerability of the DirectX component in the Windows operating system exists due to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code in kernel mode through a specially created application...

The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems stems from insufficient validation of input data, allowing attackers to execute arbitrary code.

The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using specially crafted files in the Advanced Recordin...

The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems stems from insufficient validation of input data, allowing an attacker to execute arbitrary code.

The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using specially crafted files in the Advanced Recordin...

Microsoft Windows COM Aggregate Marshaler Elevation of Privilege Vulnerability

Microsoft Windows Server 2019 and others are operating systems released by Microsoft Corporation USA.Windows COM Aggregate Marshaler is one of the components. An elevation of privilege vulnerability exists in Microsoft Windows COM Aggregate Marshaler. An attacker can exploit this vulnerability an...

CVE-2018-8407

An information disclosure vulnerability exists when "Kernel Remote Procedure Call Provider" driver improperly initializes objects in memory, aka "MSRPC Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,...

Passthrough authentication is delayed on Workspace App for Windows 18.8.0.19031

Pass-through authentication is delayed on Workspace App for Windows 18.8.0.19031 Once user logs on to desktop, Workspace App does not log in automatically. User has to right click on Workspace App icon in system tray and click on logon. Application shortcuts are to be placed on desktop - This is...

The vulnerability of the computerdefaults component of the Windows operating system, related to access control errors, allows a perpetrator to escalate their privileges through bypassing the UAC mechanism.

The vulnerability of the computer Defaults.exe component of the Windows operating system is related to access control errors. Exploiting this vulnerability could allow an attacker to enhance their privileges by bypassing the UAC mechanism through manipulation of the registry...

The vulnerability of the BIOS loader of the Hyper-V hardware virtualization platform for Windows operating systems allows a hacker to circumvent built-in security restrictions.

The vulnerability of the BIOS loader of Hyper-V hardware virtualization systems for Windows operating systems arises from the unstable provision of high entropy during loading. Exploiting this vulnerability allows a remote attacker to circumvent built-in security restrictions...

The vulnerability of the Windows operating system, related to deficiencies in access control, allows attackers to escalate their privileges.

The vulnerability of the Windows operating system is related to deficiencies in access control within isolated environments. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...

CVE-2018-8411

An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016,...

Microsoft WindowsCodecs.dll SniffAndConvertToWideString Information Leak Vulnerability

These vulnerabilities were discovered by Marcin Noga of Cisco Talos. Today, Cisco Talos is disclosing a vulnerability in the WindowsCodecs.dll component of the Windows operating system. WindowsCodecs.dll is a component library that exists in the implementation of Windows Imaging Component WIC,...

Microsoft Edge Chakra Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2018-21219)

Microsoft Windows is a series of operating systems released by Microsoft Corporation USA.Edge is a browser built by Microsoft for Windows 10. A remote memory corruption vulnerability exists in Microsoft Edge Chakra Scripting Engine. An attacker can exploit this vulnerability to execute arbitrary...

The compatibility subsystem’s vulnerability allows for the execution of Linux applications on Windows operating systems, enabling attackers to replace or delete any files they desire.

The vulnerability of the compatibility subsystem for running Linux applications on Windows operating systems is related to errors in character registry handling. Exploiting this vulnerability allows an attacker to replace or delete any files using a specially created application...

The vulnerability of the Microsoft JET Database Engine driver for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft JET Database Engine for Windows operating systems arises due to buffer overflow in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created Excel file...

Microsoft Windows JET Database Engine Remote Code Execution Vulnerability (CNVD-2019-14431)

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. JET Database Engine is an underlying data engine. A remote code execution vulnerability exists in Microsoft Windows JET Database Engine. An attacker can exploit the vulnerability to execute arbitrary...

Researcher Discloses New Zero-Day Affecting All Versions of Windows

A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system including server editions after the company failed to patch a responsibly disclosed bug within the 120-days deadline. Discovered byLucas Leong of the...

The vulnerability of the compatibility subsystem for running Linux applications on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the compatibility subsystem for running Linux applications on Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges...

The vulnerability in the implementation of the SMB network protocol of the Windows operating system allows a perpetrator to trigger a service failure.

The vulnerability of the Microsoft Server Message Block SMB network protocol in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted SMB requests to the...